The rapid expansion of Internet services enables people to do increasingly more things online, e.g. work, communicate, shop, bank, entertain, etc. Many objects used in people's lives, such as doors, electronic devices, cars, etc. are also connected to the Internet.
For Internet services, a user typically logs into his/her computer and then logs into the service he/she wants to use. The login typically requires a username and password, and optionally another factor of authentication. It is well known that passwords are a weak authentication scheme and are not convenient, especially when one has to manage a large number of them.
The latest technology advancements have brought a variety of smaller personal devices into people's lives, e.g. cell phones, smart watches, fitness trackers, smart clothes, etc. People have these devices with them all the times.
Some of these devices have security features and cryptographic capabilities, which can protect data and their communication with the outside. Users are able to authenticate to their devices via different means, e.g. by knowledge (e.g. PIN) or biometrics.
When a user has a computer and one or more other personal devices, the user needs to authenticate to each one of them individually in order to use them. This is inconvenient and can be insecure if the user has the same short password or PIN for all the different devices. This invention provides a solution that mitigates the problem.